The CEO of Bit9 speaks from experience: His firm was hacked, sensitive data stolen and customers put at risk. And what's happened since represents his mission to fend off attackers, even as they refine their hacks.
Many Apple and Android devices are vulnerable to a TLS/SSL "Freak" flaw, which could be exploited to subvert secure Web connections. The flaw is a legacy of U.S. government export restrictions on strong crypto.
Canadian Internet service provider Rogers Communications has confirmed that information about the company and its customers was leaked after attackers successfully targeted one of its employees via a social engineering attack.
Information on 50,000 drivers for ride-sharing service Uber was breached in May 2014, the company discovered in September and announced on Feb. 27. Uber has launched a related lawsuit and is seeking records from code-sharing website GitHub.
SIM card manufacturer Gemalto says its investigation into a reported U.S. and U.K. intelligence agency espionage operation found that its internal networks housing encryption keys weren't breached. But security experts question those findings.
Hackers have been stealing the secret trading algorithms that are the lifeblood of many hedge funds and high-frequency trading firms, according to two security companies. What can be done to mitigate the risks?
The hacking group Lizard Squad has claimed credit for hijacking the website of Lenovo.com and redirecting visitors to an attacker-controlled site. It also indicates that it's now sitting on a cache of stolen Lenovo e-mail messages.
Authorities have disrupted a botnet that was serving up the Ramnit banking malware, which has infected 3 million PCs worldwide. But information security experts warn that the disruption will likely be temporary.
Anthem Inc. now confirms that the health insurer's recent data breach compromised a database containing personal information on 78.8 million individuals, with information on millions potentially stolen.
Lenovo says it is working to remotely delete Superfish adware that it preinstalled on many laptops for consumers. But US-CERT warns that many products use the Komodia root certificate that is triggering security warnings.
With white-hat security researchers gaining increasing mainstream recognition, hacking as a vocation is no longer taboo - and Indian researchers are flocking to the profession, says HackerOne's Katie Moussouris
Manufacturers of PCs and mobile devices must end the practice of preloading "bloatware." Lenovo's experience with offering "free" adware shows the hidden security and performance tradeoffs buyers must endure.